Privacy Policy

This Privacy Policy explains how Petal CRM(“Petal CRM,” “we,” “us,” or “our”), operated by Lotus Assurance, collects, uses, and shares information when you visit our website, create an account, or use our salon management platform (the “Service”). Petal CRM is currently in active development; this policy may be updated as the Service evolves.

If you are a client of a salon that uses Petal CRM, the salon controls your information and we process it on their behalf. Please also review that salon’s own privacy practices.

1. Information we collect

• Account information — name, email, phone number, salon name, and login credentials.
• Salon & client data — appointments, services, staff records, and client contact details, visit history, and optional service photos that salons or clients provide.
• Payment information — processed by our payment provider (Stripe). We do not store full card numbers on our servers.
• Communications data — phone numbers, message content, delivery status, and call/SMS metadata used to send reminders, confirmations, and two-way messages.
• Usage & device data — IP address, browser type, pages viewed, and similar analytics, collected via cookies and similar technologies.

2. How we use information

• To provide, operate, and improve the Service.
• To schedule appointments and send reminders, confirmations, and account notices.
• To process payments and subscriptions.
• To provide customer support and respond to requests.
• To protect against fraud, abuse, and security incidents, and to comply with law.

3. SMS, text messaging, and phone calls

Petal CRM uses text messaging (SMS/MMS) and, in some cases, automated voice calls to deliver appointment reminders, booking confirmations, schedule changes, two-way messages between salons and clients, and account or security notifications.

Consent & opt-in

By providing your mobile number to a salon or to Petal CRM and opting in, you consent to receive recurring automated text messages and/or calls at that number. Consent is not a condition of purchasing any goods or services. Salons are responsible for obtaining appropriate consent from their own clients before messaging them through the Service.

Opt-out & help

You can opt out of text messages at any time by replying STOP to any message. After you reply STOP, we will send one confirmation message and then stop sending texts unless you re-subscribe. Reply HELP for help, or contact us at robert@lotusassurance.com. You may decline or opt out of calls at any time.

Frequency & rates

Message frequency varies based on your appointments and settings. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. Supported carriers may change without notice.

How we treat your mobile information

We do not sell, rent, or share mobile phone numbers or SMS/call opt-in data with third parties or affiliates for their own marketing or promotional purposes. We share this information only with the service providers (such as our messaging carrier) that help us deliver the messages you have requested, and only as needed to provide the Service. Text-messaging originator opt-in data and consent are never shared with third parties for any purpose other than delivering the messaging service.

4. How we share information

We share information only as described in this policy, including with:

• Service providers — infrastructure (Supabase), payments (Stripe), messaging carriers (for SMS/voice), and AI processing for features you use (e.g., menu import). These providers may process data only on our instructions.
• The salon you interact with, if you are that salon’s client.
• Legal & safety — when required by law or to protect rights, safety, and the integrity of the Service.
• Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this policy.

We do not sell your personal information.

5. Data retention

We retain information for as long as your account is active or as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Salon business data is scoped per salon account and protected by database row-level security.

6. Security

We use administrative, technical, and organizational measures designed to protect your information, including encryption in transit, authentication, and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

7. Your choices & rights

Depending on where you live, you may have rights to access, correct, delete, or port your personal information, or to object to certain processing. To exercise these rights, contact us at robert@lotusassurance.com. If you are a salon’s client, we may direct your request to that salon.

8. Children’s privacy

The Service is not directed to children under 13 (or the age required by your jurisdiction), and we do not knowingly collect their personal information.

9. International users

We are based in the United States, and your information may be processed there and in other countries with different data-protection laws. Where required, we rely on appropriate safeguards for cross-border transfers.

10. Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date above and, where appropriate, provide additional notice.

11. Contact us

Questions about this policy or your information? Contact us at robert@lotusassurance.com, by phone at (501) 476-4445, or by mail at Lotus Assurance, 6221 Colonel Glenn Rd, Suite 4, Little Rock, AR 72210.